Skills
skills/mitsuhiko/agent-stuff/anachb/Gen Agent Trust Hub

anachb

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • COMMAND_EXECUTION (LOW): The shell scripts (search.sh, departures.sh, route.sh) interpolate user-provided arguments directly into JSON payloads for curl. While the use of the '"$VAR"' quoting pattern helps prevent simple shell injection, this remains a vulnerable pattern for JSON injection and argument manipulation if the input contains unescaped quotes.
  • EXTERNAL_DOWNLOADS (LOW): The skill communicates with https://vao.demo.hafas.de, a public endpoint for Austrian traffic information. This is required for the skill's primary function but represents an external dependency.
  • PROMPT_INJECTION (LOW): The skill exhibits an Indirect Prompt Injection surface (Category 8). Evidence: 1. Ingestion points: HAFAS API responses in all scripts (station names, disruption text). 2. Boundary markers: None. 3. Capability inventory: Subprocess calls (curl, jq). 4. Sanitization: None. It ingests untrusted data from an external API and passes it back to the agent without sanitization or boundary markers.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:08 PM